<?php
// 仅当会话尚未启动时调用 session_start()
if (session_status() == PHP_SESSION_NONE) {
    session_start();
}

// 检查用户是否已登录，且用户角色合法
if (!isset($_SESSION['role']) || !isset($_SESSION['u_No']) && !isset($_SESSION['ad_No'])) {
    header('Location: http://localhost/Library_management_system/index.php');
    exit();
}

// 连接数据库
try {
    $pdo = new PDO('mysql:host=localhost;dbname=library', 'root', '123456');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    die("数据库连接失败: " . $e->getMessage());
}

// 处理密码修改请求
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['new_password'])) {
    $new_password = trim($_POST['new_password']);
    
    if ($_SESSION['role'] === 'reader') {
        $u_No = $_SESSION['u_No'];
        
        // 更新读者密码（以明文形式存储）
        $stmt = $pdo->prepare('UPDATE users SET u_password = :new_password WHERE u_No = :u_No');
        $stmt->execute([':new_password' => $new_password, ':u_No' => $u_No]);
        echo '<p>密码更新成功！</p>';
    } elseif ($_SESSION['role'] === 'admin') {
        $ad_No = $_SESSION['u_No'];
        
        // 更新管理员密码（以明文形式存储）
        $stmt = $pdo->prepare('UPDATE administrator SET a_password = :new_password WHERE ad_No = :ad_No');
        $stmt->execute([':new_password' => $new_password, ':ad_No' => $ad_No]);
        echo '<p>密码更新成功！</p>';
    }
}

// 获取当前用户的信息
if ($_SESSION['role'] === 'reader') {
    // 读者
    $u_No = $_SESSION['u_No'];
    $stmt = $pdo->prepare('SELECT u_No, u_password FROM users WHERE u_No = :u_No');
    $stmt->execute([':u_No' => $u_No]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
} elseif ($_SESSION['role'] === 'admin') {
    // 管理员
    $ad_No = $_SESSION['u_No'];
    $stmt = $pdo->prepare('SELECT ad_No, a_password FROM administrator WHERE ad_No = :ad_No');
    $stmt->execute([':ad_No' => $ad_No]);
    $admin = $stmt->fetch(PDO::FETCH_ASSOC);
}
?>

<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>个人信息</title>
    <!-- 引入外部CSS文件 -->
    <link rel="stylesheet" href="style.css">
</head>
<body>

<div class="container">
    <!-- 显示用户信息 -->
    <?php if ($_SESSION['role'] === 'reader' && isset($user)): ?>
        <form method="POST">
            <label for="user_id">用户ID:</label>
            <p id="user_id"><?php echo htmlspecialchars($user['u_No']); ?></p>

           <!--  <label for="user_password">用户密码:</label>
            <p id="user_password"><?php echo htmlspecialchars($user['u_password']); ?></p>
            -->
            <label for="new_password">新密码:</label><br>
            <!-- 使用 <input type="password"> 来代替 <textarea> -->
            <input type="password" name="new_password" required style="width: 250px; height: 30px;"/><br><br>
            <button type="submit">修改密码</button>
        </form>


    <?php elseif ($_SESSION['role'] === 'admin' && isset($admin)): ?>
        <form method="POST">
            <label for="admin_id">用户ID:</label>
            <p id="admin_id"><?php echo htmlspecialchars($admin['ad_No']); ?></p>

        <!--     <label for="admin_password">管理员密码:</label>
            <p id="admin_password"><?php echo htmlspecialchars($admin['a_password']); ?></p>
-->
            <label for="new_password">新密码:</label><br>
           <input type="password" name="new_password" required style="width: 250px; height: 30px;"/><br><br>
            <button type="submit">修改密码</button>
        </form>
    <?php endif; ?>

</div>

    <!-- 退出按钮     <a href="logout.php" class="logout-btn">退出</a>-->

</body>
</html>
